Information Exposure in IBM Multi-Enterprise Integration Gateway and B2B Advanced Communications
CVE-2015-5022
Currently unrated
Summary
The IBM Multi-Enterprise Integration Gateway and B2B Advanced Communications products have a vulnerability that exposes sensitive information. When guest access is enabled, an internal hostname and payload path can be unintentionally leaked in response data. This situation allows remote authenticated users to exploit trading-partner relationships to gain unauthorized access to sensitive response fields, thereby compromising data integrity and confidentiality.
References
Timeline
Vulnerability published
Vulnerability Reserved